If it doesn’t work

Asked

Viewed 393 times

0

I’m developing a website, in it some users will access and need to the password expires every 30 days. I did that check, but never falls into it, even when the if is true. If anyone has any idea what might be wrong or a tip to improve, thank you. Below follows the code in PHP.

  $cnpj               = $_POST['cnpj'];
  $senha              = $_POST['senha'];
  $hoje               = date('Y-m-d');

  $conexao            = mysqli_connect('localhost','root','') or print(mysqli_error());
  $db                 = mysqli_select_db($conexao, 'teste') or print(mysqli_error());

  $sql                = "SELECT * FROM usuario WHERE cnpj = '$cnpj' AND senha = '$senha'";
  $sql2               = "UPDATE usuario SET senha = 'expirou' WHERE cnpj = '$cnpj' and NOW() > data_senha"; 
  $sql3               = "UPDATE usuario SET data_senha = NOW() WHERE cnpj = '$cnpj'";
  $sql4               = "SELECT data_senha FROM usuario WHERE cnpj = '$cnpj'";

  $resultado_login    = mysqli_query($conexao, $sql);
  $data_senha         = mysqli_query($conexao, $sql4);

  if ($hoje >= $data_senha) {
    echo "<script> window.alert('Sua senha expirou! Entre em contato com a Rofran e solicite a nova senha.'); </script>";
    echo "<script> window.location.replace('../index.html'); </script>";
    $update_senha       = mysqli_query($conexao,$sql2);
    $update_data_senha  = mysqli_query($conexao,$sql3);
  }elseif(mysqli_num_rows($resultado_login) == 0){
    header("Location: ../erro.html");
    session_destroy();    
  }else{
    header("Location:../home.html");
    session_start();
  } 

I tested both date variables and return value, but in these tests I also noticed that they are not of the same type, even presenting the same format yyyy-mm-d.

  • 1

    The $today and $data_password variables are of the same type?

  • you already tried that var_dump(mysqli_num_rows($resultado));die; before the if. Ever tried to put a die("alguma coisa"); inside the IF blocks, to see if it really isn’t in, or if the code inside is that it doesn’t work?

  • Cannot verify if it is longer data_password. It is not integer.

  • First thing, your code won’t get to the if? Because you redirect before... have you checked? The password date by your code is just a string, forgot to execute the commands...

  • Yes, but when starting this implementation the first time I did it worked, fell in the if. Now it no longer happens and put before the check also does not work

  • See the $data_password... only has an sql command in it...

  • Yes, because that date comes from the bank

  • To get the data you need to give a mysqli_query and then a mysqli_mysqli_fetch_assoc... http://php.net/manual/en/mysqli-result.fetch-assoc.php

  • Okay, thanks for the tip. I’ll fix

Show 5 more comments

6 answers

2

Well, we have some problems with that code.

The first of these is the contents of $data_password. It will always be only the query text, because there is at no time the execution of it, nor the obtaining of the result.

The second is that when finding a query record, which is correct (the one that locates the user by cnpj and password), it already forwards the HTTP header that sends the browser to "home.html". So, whatever happens from there, the user will not notice - in case the warning messages that would be generated when fixing the first error.

The third of them is that the queries that should run at the end, within the if that checks the dates, are never executed. You just create them as a string, but there is no call to the mysqli_query method, which would finally execute them.

Fixing these three, your code should already work.

  • I changed it as you suggested but it still doesn’t work, I’ve changed the code in the question. The first time I tested it worked, but after testing the second no longer worked

  • Regarding the $data_password, now you run the query, but there is no time to get the result - use something like mysqli_fetch_array using the Resource returned by mysqli_query, to popular an array and this array access the information you want (the date).

  • Okay, I’ll test it. Thank you!

1

Consider this part of the code:

// ...
$data_senha = mysqli_query($conexao, $sql4);
if ($hoje >= $data_senha) {
// ...

The variable $data_senha does not have the value of the date, but an object MySQLi_Result. To get the desired value, it is necessary to use some function of fetch, like the mysqli_fetch_assoc, which returns an array containing the selected values.

In addition, as already noted in another reply, it is necessary to use the function strtotime to compare dates.

So..

// ...
$resultado_data_senha = mysqli_fetch_assoc(mysqli_query($conexao, $sql4));
$data_senha = $resultado_data_senha["data_senha"];
if (strtotime($hoje) >= strtotime($data_senha)) {
// ...
  • strtotime does not work, the following error occurs: "strtotime() expects Parameter 1 to be string, array Given", this error occurs because after doing the $data_password mysql_fetch_accoc, this variable turns into an array and it makes no sense to strtotime to an array.

  • Without doing strtotime, mysql_fetch_accoc works, but it only worked with the date, so it enters the if condition, but the updates within the if I adapted as well as with the date do not work.

  • @R.Gasparin on the variable $data_senha be an array because it is necessary to obtain the value of the index data_senha as I did in the previous line. For updates, just run the mysqli_query, it is not necessary to use the return and let alone execute a fetch.

  • In the code of the question is with mysqli_query, but I think it didn’t work because I made two updates in a row, now I made only one and finally everything is working now. Thank you!

0

Make these changes and see if you’re dropping into the IF. Under the $data_password, enter:

$resultado_data = mysqli_query($conexao, $data_senha);
$linha= mysqli_fetch_assoc($resultado_data);

And replace the if with:

if($hoje >= $linha['data_senha'])
  • Thanks for the correction, I’ll try!

  • It didn’t work out this way you suggested, I’ll keep trying

0

To compare dates should be used like this:

If(strtotime($hoje) >= strtotime($data_senha)){ }
  • It didn’t work out this way you suggested, I’ll keep trying

  • So the value is coming different from the bank.

0


After the help of @oeslei and @Antonioantunes, I changed the code and it is working. Below is the correct code:

<?php 

  $cnpj                  = $_POST['cnpj'];
  $senha                 = $_POST['senha'];
  $hoje                  = date('Y-m-d');

  $conexao               = mysqli_connect('localhost','root','') or print(mysqli_error());
  $db                    = mysqli_select_db($conexao, 'teste') or print(mysqli_error());

  $sql                   = "SELECT * FROM usuario WHERE cnpj = '$cnpj' AND senha = '$senha'";
  $sql2                  = "UPDATE usuario SET senha = 'expirou', data_senha = NOW() WHERE cnpj = '$cnpj' and NOW() > data_senha"; 
  $sql3                  = "SELECT data_senha FROM usuario WHERE cnpj = '$cnpj'";

  $resultado_login       = mysqli_query($conexao, $sql);
  $res_data_senha        = mysqli_fetch_assoc(mysqli_query($conexao, $sql3));
  $data_senha            = $res_data_senha["data_senha"];

  if($hoje >= $data_senha){
    echo "<script> window.alert('Sua senha expirou! Entre em contato e solicite a nova senha.'); </script>";
    echo "<script> window.location.replace('../index.html'); </script>";
    $update_senha_data   = mysqli_query($conexao, $sql2);
  }elseif(mysqli_num_rows($resultado_login) == 0){
    header("Location: ../erro.html");
    session_destroy();    
  }else{
    header("Location:../home.html");
    session_start();
  }

?>

-2

A good way to debug would be to print the $data_password and mysql return variable data to check if the information is tapping.

  • Both dates are returning values when testo, I just didn’t understand which mysql return is the one you’re referring to, could explain?

  • give an echo $today and an echo $data_password['data_password'] and see what data format they return. Another way would be for you to pass today’s date in the query and validate in the bank. Example: SELECT (CASE WHEN COUNT(*) > 0 THEN 1 ELSE 0 END) AS brand_count FROM table WHRE id = ? AND data_password <= now() This way you will receive a Boolean that will be passed in your if(#line['brand_count' == 1]) {}

  • You are not allowed to use the response field to comment. The comment feature will be made available to you when you have more reputation. Until then use the answer field only to answer the question.

  • Both return date in yyyyyy-mm-d format, but I believe they are still different types because when I perform an if $today !== $data_password is to check if they are different types falls in this if, so I do not know how to leave the same type

Browser other questions tagged

You are not signed in. Login or sign up in order to post.